Welcome to theTDA4advisors Blog

We are excited to share a collection of relevant, timely, and insightful articles that can help you grow and strengthen your business. TD Ameritrade and leading industry experts will be contributing their unique perspectives on the challenges and opportunities that RIAs are facing today. Thank you for joining our community and we look forward to connecting with you!

“As Managing Director of Institutional Oversight and Controls, my team and I are committed to helping advisors safeguard and protect client accounts at TD Ameritrade through education, collaboration with industry experts, and building awareness around industry trends.”

Cybersecurity risks have prompted the Securities and Exchange Commission (SEC) and state regulators to increase oversight and enforcement of advisor security measures. Regulators are focused on how registered investment advisors protect client information as part of their overall fiduciary responsibility.

1. Go old school. Since your email system is one of your firm’s most vulnerable access points, the safest way to communicate with clients is on the telephone. If you receive an email request for account information or a funds dispersal, call the client at the phone number you have on record. Don’t just trust your Caller ID—make the call yourself!

2. Establish a verbal password with each client. Explain that you will not release information or make changes to an account over the phone or without that password. Never use that password in an email.

3. Know your clients’ online habits. If it’s unusual for a client to email you, simply pick up the phone and call them.

4. Reinforce your firewall. Make sure the security software on all your computers and mobile devices is updated regularly, including antivirus and antispyware protection.

5. Use encryption software. Encryption software is commonly used to protect databases, but you should also use it for everything from email to texts. Encryption usually is an “add-on” for most email systems, so you may need to specifically request it from your Internet service provider or your software vendor.

6. Secure your backup files. Whether you manage your own backups from a secondary location or use a cloud-based vendor, test backups to make sure they are encrypted. If you use a third party, ask for regular reports on the vendor’s testing procedures.

7. Keep track of systems. Inventory all devices and software that either store or access client data.

8. Have a written firm-wide information security policy. Define where and how information is stored, which employees are allowed to retrieve data, and protocols designated for regularly testing security. Assign the role of Information Security Officer to someone in the office to oversee and manage these efforts.

10. Be careful outside the office. Be wary of public Wi-Fi networks, and take advantage of the security features on your smartphone or tablet. Then go to the specialists at your local electronics store to find out what other types of protection you can install.

11. Field potential complaints. Clients may be frustrated by these added security measures, so be ready to explain why they are in place.

The materials, views and opinions of third parties do not represent those of TD Ameritrade. TD Ameritrade and all third-parties mentioned are separate unaffiliated companies and are not responsible for each other’s services or policies.

TD Ameritrade has no control over how third parties may use information shared on the site.

Third-Party Site Disclosure

You are about to leave the TD Ameritrade Institutional website and enter an unaffiliated third-party website to access its products and services. The third-party site is governed by its posted privacy policy and terms of use, and the third party is solely responsible for the content and offerings on its website.

Click Continue to go to the third-party site, or click "", to return to the original website.